package me.sealer.ssm.controller;

import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import me.sealer.ssm.constant.Dict;
import me.sealer.ssm.controller.dto.CommonResponse;
import me.sealer.ssm.controller.dto.TokenResponse;
import me.sealer.ssm.service.SmsService;
import me.sealer.ssm.token.Token;
import me.sealer.ssm.token.TokenManager;
import me.sealer.ssm.utils.TokenImageBytesGenerator;
import org.springframework.http.MediaType;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;

/**
 * 功能描述： $ TokenController
 *
 * @author sealer
 * @email 1178884049@qq.com
 * @date 2019年12月02日 11时36分20秒
 */
@RestController
@Api(tags = "token相关api")
@RequestMapping("/token")
public class TokenController {
    @Resource(name = "imageTokenManager")
    private TokenManager imageTokenManager;

    @Resource(name = "resubmitTokenManager")
    private TokenManager resubmitTokenManager;

    @Resource(name = "phoneTokenManager")
    private TokenManager phoneTokenManager;

    @Resource(name = "webChineseSmsService")
    private SmsService webChineseSmsService;

    @ApiOperation(value = "生成图形验证码")
    @GetMapping(value = "/getImageToken", produces = MediaType.APPLICATION_OCTET_STREAM_VALUE)
    public byte[] createTokenImage(HttpServletRequest request) {

        Token token = imageTokenManager.createToken(request);
        return TokenImageBytesGenerator.createPic(token.getUniqueId());
    }

    /**
     * 生成防重复提交码 TODO sealer 此接口是不是不应该暴露出去？？？
     *
     * @param httpServletRequest httpServletRequest
     * @return commonResponse
     */
    @ApiOperation(value = "生成防重复提交码")
    @GetMapping(value = "/getResubmitToken", produces = MediaType.APPLICATION_JSON_VALUE)
    public CommonResponse<TokenResponse> createResubmitToken(HttpServletRequest httpServletRequest) {

        Token token = resubmitTokenManager.createToken(httpServletRequest);
        TokenResponse tokenResponse = new TokenResponse(token.getUniqueId());
        return new CommonResponse<>(tokenResponse);
    }

    /**
     * 验证码请做好以下几点防范：
     * 发送验证码1分钟只能点击发送1次；
     * 相同IP手机号码1天最多提交20次；
     * 验证码短信单个手机号码30分钟最多提交10次；
     * 在提交页面加入图形校验码，防止机器人恶意发送；
     * 在发送验证码接口程序中，判断图形校验码输入是否正确。
     *
     * @param phoneNumber        手机号
     * @param httpServletRequest httpServletRequest
     * @return CommonResponse<null>
     */
    @ApiOperation(value = "生成手机验证码")
    @GetMapping(value = "/getPhoneToken", produces = MediaType.APPLICATION_JSON_VALUE)
    public CommonResponse createPhoneToken(@RequestParam(Dict.PHONE_NUMBER) @ApiParam(value = "手机号", required = true) String phoneNumber, HttpServletRequest httpServletRequest) {

        Token token = phoneTokenManager.createToken(httpServletRequest);
        String tokenUniqueId = token.getUniqueId();

        // TODO lsl 从数据库获取短信模板, 组装短信
//        String text = "验证码:8888";
        String text = "sealer ssm平台提示您： 您登录的验证码为: " + tokenUniqueId + ", 有效期为3分钟。";

        webChineseSmsService.sendMessage(phoneNumber, text);
        return new CommonResponse<>();
    }
}
